Cyber Security Management


Published in: Business

  1. 1. Management Solutions

     End-to-end management solutions tailored to your needs

     • Achieve compliance to ISO27001 - the international cybersecurity management standard
     • Implement an ISMS effectively and efficiently with bespoke documentation toolkits
     • Train your staff with the world’s first programme of certificated ISO27001 education
     • Reduce time and overheads in conducting information security risk assessment with vsRisk™
     • Receive professional consultancy support
  2. 2. vsRisk™ Simplifies Information Security Risk Assessment

     Risk assessment is the core competence required to achieve compliance to ISO27001 and ensure effective information security management. Clause 4.2.1(c) of the standard defines that the risk assessment methodology must produce ‘comparable and reproducible results’ establishing a baseline against which the effect of the application of controls (risk countermeasures) can be measured.

     vsRisk™ automates and simplifies the risk assessment process and significantly reduces time and overheads. It assesses confidentiality, integrity and availability of all information assets. This tool contains all ISO27001/ISO27002 controls with additional control databases available.

     vsRisk™ is available as either a standalone or network enabled

     can IT Governance help your organisation comply with ISO27001 - the international cybersecurity standard?

     IT Governance offers many varied tools and resources to help your organisation achieve compliance to ISO27001. From copies of the ISO27001 family of standards, books and risk assessment software tools, through to training and consultancy, we can help you and your organisation at every step of the way. Below is a selection of the resources we offer that can guide you through the process of implementing an ISO2700-compliant Information Security Management System (ISMS).

     You can download a free ISO27001 Introductory Green Paper from our website:

     ‘Fantastic course for anyone wanting to make an informed decision around implementing ISO27001’
     Rich Mullens, Head of IT, Home Fundraising Ltd

     [Figure: diagram of IT Governance resources. Labels, in order: Standards, ISO27001 Library, Foundation Course, Lead Implementer, vsRisk™ Tool, Pen Testing, Plan, Toolkit, Training & Awareness, Compliance Database, Risk Management, Do, Internal Auditor, Lead Auditor, Pen Testing, Monitor & Review, Preparation for Audit, Certification Audit, Check, Review & Improve, Maintenance Service, Post-stage 2 Audit, Act]

     IT Governance
     The single source for all your cybersecurity and ISO27001 requirements

     ISO27000 Standards

     All ISO27001 projects require a detailed understanding of the Standards and we recommend you purchase and read the original copies from our extensive range of standards and

     ISO27001 Library

     IT Governance offers the most comprehensive range of ISO27001, IT governance and information security publications available in the market today. From pocket guides covering the basics to implementation guides with detailed explanations, our books provide a complete solution for every member of staff involved in implementing and maintaining the ISO27001
  3. 3. ISO27001 Documentation Toolkits

     Our unique documentation toolkits are designed to accelerate the development of an ISO27001 Information Security Management System and to fully satisfy the documentation requirements as outlined by Clause 4.3 of the Standard.

     With 120 pre-written policies, procedures and templates together with practical books and guides, toolkits are compiled to provide a complete ‘out-of-the-box’ solution designed to save you time and money in the creation of all essential ISO27001 documents. Package options include copies of the Standards, the vsRisk™ risk assessment software tool and 12 months of automatic updates and 6 months of documentation

     Compliance Database and Update Service

     Clause 4.2.1(b)2 of the ISO27001 Standard requires you to develop your ISMS, taking ‘into account business and legal or regulatory requirements, and contractual security obligations’.

     The ISO27001 Compliance Database and Update Service (available on a subscription basis) delivers all of the documentation and regulations required to develop your ISMS. This includes the growing number of statutes and regulations, IPR and copyright, software protection, data protection, privacy, PCI DSS and cryptographic

     Testing

     Penetration Testing (often called ‘Security Testing’) establishes if the security in place to protect a network or application against external threats is adequate and functioning correctly. It is an essential component in any ISO27001 ISMS – from the initial risk assessment process, the subsequent Risk Treatment Plan and to ensuring ongoing corrective and preventative action.

     IT Governance offers a range of Penetration Testing services designed to test network infrastructure, Web applications and wireless

     Training

     IT Governance is responsible for delivering the world’s first programme of certificated ISO27001 education. We offer delegates the opportunity to attain an industry-standard qualification building a successful career in information security, as well as to help their organisation achieve compliance and implement best practice with the Standard. Clause 5.2.2 of ISO27001 specifies that organisations must ensure that ‘all relevant personnel are competent to perform the tasks required of them’.

     Foundation Level
     • ISO27001 Certified ISMS Foundation (CIS F)
     • ISO27002 Certified Foundation (EXIN Certificate)

     Advanced Level
     • ISO27001 Certified ISMS Lead Implementer (CIS F)
     • ISO27001 ISMS Internal Auditor
     • ISO27001 Certified ISMS Lead Auditor (CIS LI)
     • ISO27005 Certified ISMS Risk Management (CIS RM)

     Delegates who successfully complete the examinations associated with the ISO27001 ISMS Foundation, Lead Implementer, Lead Auditor and Risk Management courses are awarded qualifications approved by the International Board for IT Governance Qualifications.

     IT Governance is an Approved Learning Provider for the MOD Enhanced Learning Credits Scheme (ELCAS)

     Security & ISO27001 Awareness E-learning

     E-learning is the most cost-effective way to deliver the information security awareness training required by clause A8.2.2 of the ISO27001 Standard. Our comprehensive e-learning course is designed to increase employees’ awareness of the ISO27001 requirements and thereby reduce the organisation’s liability due to security failures. This course not only familiarises learners with the basics of information security, including security threats via e-mails, the Internet and in the workplace, but also introduces the policies on incident reporting and

     ‘Support during [the audit] was excellent. I could not have had the confidence to conduct it without [IT Governance].’
     Shila Parbhoo, Welsh Assembly Government Statistical Directorate
  4. 4. Recognised by third party accredited certification bodies

     Whilst independent of vendors and certification bodies, encouraging clients to select the best-fit for their needs and objectives, IT Governance is widely recognised amongst UKAS accredited certification bodies as a leading ISO27001

     + 44 845 070 1750
     Version 3.3

     Consultancy Services

     We are acknowledged by our peers as one of the leading ISO27001 consultants in the UK. Our expertise with ISO27001 (what used to be called BS7799/ISO17799) dates from the very first implementation of an accredited ISMS. Our experienced and practical consultants provide advice and support through all phases of an ISO27001 project, from pre-planning and board approval through to implementation and successful certification.

     By creating a unique mix of the following services, IT Governance is able to provide the skills and advice you require at a cost you can afford:

     Mentor and Coach
     An assigned consultant advises your internal project team on the key stages of the project, developing answers from first principles to ensure knowledge transfer and understanding.

     In House
     We take away the problem of resourcing key aspects of your project, handling specific tasks, or even the hassle of running your project by providing a resource to work for you – similar to having an interim specialist focused just on your specific project needs.

     LiveOnline
     We provide detailed, focused advice on resolving your issues, delivered remotely by one of our resident experts.

     FastTrack
     For smaller organisations based at a single office location, our fixed price FastTrack™ ISO27001 Consultancy Service will deliver UKAS-accredited ISO27001 certification in just three months.

     Why choose IT Governance consultancy for your ISO27001 project?
     • Free initial assessment
     • Pragmatic and proven approach
     • Skills and knowledge transfer through comprehensive training offerings and mentor and coach approach
     • Future-proofed solutions to ensure post-certification costs are

     Governance has been awarded both ISO27001 and ISO9001 certification.

     Ongoing Support & Maintenance

     To support the maintenance of your Information Security Management System and ensure on-going certification to ISO27001, IT Governance is able to provide:
     • Corrective and preventive actions, document updates and risk reviews
     • Internal audit to check that controls in place are working as expected
     • Attendance at certification audits to answer the external auditors’ questions.

     Reviewing & Improving Your ISO27001 ISMS Training

     This unique training programme presented by Alan Calder and Steve Watkins delivers advice and updates on:
     • New technical threats and vulnerabilities
     • Relevant changes to legislation
     • How to achieve compliance to additional standards

     The course will ensure the continued effectiveness of your ISO27001 ISMS in a rapidly changing business and technology environment.

     Call +44 (0)845 070 1750 for details.